CVE-2026-40194 | phpseclib up to 1.0.27/2.0.52/3.0.50 SSH2::get_binary_packet timing discrepancy (GHSA-r854-jrxh-36qx)

Inserito da Angelo Barbosa | Apr 10, 2026 | CVE

A vulnerability classified as problematic was found in phpseclib up to 1.0.27/2.0.52/3.0.50. Impacted is the function SSH2::get_binary_packet. Executing a manipulation can lead to observable timing discrepancy.

The identification of this vulnerability is CVE-2026-40194. The attack may be launched remotely. There is no exploit available.

Upgrading the affected component is advised.

CVE-2026-40194 | phpseclib up to 1.0.27/2.0.52/3.0.50 SSH2::get_binary_packet timing discrepancy (GHSA-r854-jrxh-36qx)

Post correlati

CVE-2024-6869 | Falang Multilanguage Plugin up to 1.3.52 on WordPress Translation Update authorization

CVE-2024-22012 | Google Android kernel out-of-bounds write

CVE-2025-2411 | Akinsoft TaskPano up to 1.06.05 excessive authentication

CVE-2025-60358 | Radare2 up to 5.9.8 _load_relocations memory leak